215 matches found
CVE-2022-1185
A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 allows an attacker to crash the GitLab web application with a maliciously crafted RDoc file...
PT-2022-13699 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10 through 14.7.7 GitLab CE/EE versions 14.8.0 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.2 Description: A denial of service issue occurs when rendering RDoc files, allowing an attacker to crash the GitLab...
GitLab 缓冲区错误漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A buffer error vulnerability exists in GitLab CE/EE that allows an attacker to...
Oracle Linux 8 : ELSA-2022-0672-1: / ruby:2.5 (ELSA-2022-06721)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-06721 advisory. - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-3179...
ruby:2.5 security update
ruby 2.5.9-109.0.1 - Rebuild with a dependency containing fix for Orabug: 33921593 2.5.9-109 - Properly fix command injection vulnerability in Rdoc. Related: CVE-2021-31799 2.5.9-108 - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix StartTLS stripping vulnerability in...
Important: Red Hat Security Advisory: rh-ruby26-ruby security, bug fix, and enhancement update
An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
RHEL 8 : ruby:2.5 (RHSA-2022:0672)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0672 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
EulerOS 2.0 SP3 : ruby (EulerOS-SA-2022-1187)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a...
rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
RHEL 8 : ruby:2.6 (RHSA-2022:0543)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0543 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Important: Red Hat Security Advisory: ruby:2.6 security update
An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
rubygem-rdoc: Command injection vulnerability in RDoc
An operating system command injection flaw was found in RDoc. Using the rdoc command to generate documentation for a malicious Ruby source code could lead to execution of arbitrary commands with the privileges of the user running rdoc...
RLSA-2022:0543 Important: ruby:2.6 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...
ruby:2.6 security update
An update is available for rubygem-bson, rubygem-mysql2, ruby, rubygem-mongo, rubygem-pg, rubygem-abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Ruby is a...
EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2022-1093)
According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-1144)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : ruby (EulerOS-SA-2022-1144)
According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and...